not all gateways in ofbiz provide the functionality of cybersource. you can use paypal the same way.
========================= BJ Freeman http://bjfreeman.elance.com Strategic Power Office with Supplier Automation <http://www.businessesnetwork.com/automation/viewforum.php?f=93> Specialtymarket.com <http://www.specialtymarket.com/> Systems Integrator-- Glad to Assist Chat Y! messenger: bjfr33man Linkedin <http://www.linkedin.com/profile?viewProfile=&key=1237480&locale=en_US&trk=tab_pro> carsonrotisserie sent the following on 3/26/2010 9:28 AM: > Storing credit card numbers seems to be a recurring concern with many people. > I’ve tried to find out as much as I can on this issue in regards to ofbiz. > Here are the threads I’ve found so far. > > http://osdir.com/ml/user.ofbiz.apache.org/2009-10/msg00706.html > http://www.mail-archive.com/u...@ofbiz.apache.org/msg05735.html > http://www.pubbs.net/ofbiz/200910/58402/ > http://n4.nabble.com/Address-update-issue-td278128.html#a278186 > > I'm fairly new to ofbiz but I've been developing in ecommerce and I've > worked with different payment gateways for years now. The gateway I've > spent years working with is Cybersource. I find it surprising that ofbiz > has not built an option into the system for selecting to not storing credit > card numbers. I'm not sure about some of the other gateways but I know at > least with cybersource, there is absolutely no reason to store the cc > number. After you make the initialize authorization, you receive a request > token for that auth. With this request token you can make any type of > subsequent requests, whether it is capture, credit, re-auth, etc. The > request token is valid for up to 60 days. Also cybersource returns a unique > request token for each of these requests that can also be used to make > further requests. Having this feature really makes storing the credit card > numbers useless, increases your PCI compliance level, and makes companies > feel a whole lot better. Cybersource also has support for recurring orders > and payments, although I've never used them, I'm sure they could be built > into the ofbiz recurring order functionality. > > I've not really had a chance to dig into the code yet, but for someone who > knows the code, this should be a pretty simple enhancement. All you would > need to do is make sure you store the request token from the initial > authorization and then on the captures, credits, re-auths, instead of > passing the cc number into it, you just pass the request token. >